terraform-provider-infoblox

Creating infoblox_zone_auth.dns_zone succeeds but destroy fails. Not a permissions issue.

Open bschonec opened this issue 4 months ago • 0 comments

OpenTofu v1.10.4
on linux_amd64
+ provider registry.opentofu.org/infobloxopen/infoblox v2.10.0

terraform {
  required_providers {
    infoblox = {
      source  = "infobloxopen/infoblox"
      version = "= 2.10.0"
    }
  }
}

resource "infoblox_zone_auth" "dns_zone" {
  fqdn              = "aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com"
  ns_group          = "Internal Name Servers"
  comment           = "Created with Terraform"
  restart_if_needed = true
}

Similar to #178 but I don't think this is a permissions issue. I've logged in with the provider name/password on the Infoblox GUI. I can create and delete zones at will. I can delete the zone created with Terraform via the GUI. To my knowledge, the account has full permissions as I can do everything else Infoblox-ish.

tofu apply

OpenTofu used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

OpenTofu will perform the following actions:

  # infoblox_zone_auth.dns_zone will be created
  + resource "infoblox_zone_auth" "dns_zone" {
      + comment           = "Created with Terraform"
      + fqdn              = "aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com"
      + id                = (known after apply)
      + internal_id       = (known after apply)
      + ns_group          = "Internal Name Servers"
      + ref               = (known after apply)
      + restart_if_needed = true
      + soa_default_ttl   = 28800
      + soa_expire        = 2419200
      + soa_negative_ttl  = 900
      + soa_refresh       = 10800
      + soa_retry         = 3600
      + view              = (known after apply)
      + zone_format       = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  OpenTofu will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

infoblox_zone_auth.dns_zone: Creating...
infoblox_zone_auth.dns_zone: Creation complete after 0s [id=zone_auth/ZG5zLnpvbmUkLl9kZWZhdWx0LmNvbS5vcmFjbGV2Y24udXN2YTAwMTcuYWFhYTAwMC5hYWFhYWFhYWFhYQ:aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com/default]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

tofu destroy

infoblox_zone_auth.dns_zone: Refreshing state... [id=zone_auth/ZG5zLnpvbmUkLl9kZWZhdWx0LmNvbS5vcmFjbGV2Y24udXN2YTAwMTcuYWFhYTAwMC5hYWFhYWFhYWFhYQ:aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com/default]

OpenTofu used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  - destroy

OpenTofu will perform the following actions:

  # infoblox_zone_auth.dns_zone will be destroyed
  - resource "infoblox_zone_auth" "dns_zone" {
      - comment           = "Created with Terraform" -> null
      - fqdn              = "aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com" -> null
      - id                = "zone_auth/ZG5zLnpvbmUkLl9kZWZhdWx0LmNvbS5vcmFjbGV2Y24udXN2YTAwMTcuYWFhYTAwMC5hYWFhYWFhYWFhYQ:aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com/default" -> null
      - internal_id       = "3251a6c4-b9c6-4cca-a00c-124de6450ab3" -> null
      - ns_group          = "Internal Name Servers" -> null
      - ref               = "zone_auth/ZG5zLnpvbmUkLl9kZWZhdWx0LmNvbS5vcmFjbGV2Y24udXN2YTAwMTcuYWFhYTAwMC5hYWFhYWFhYWFhYQ:aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com/default" -> null
      - restart_if_needed = true -> null
      - soa_default_ttl   = 28800 -> null
      - soa_expire        = 2419200 -> null
      - soa_negative_ttl  = 900 -> null
      - soa_refresh       = 10800 -> null
      - soa_retry         = 3600 -> null
      - view              = "default" -> null
      - zone_format       = "FORWARD" -> null
    }

Plan: 0 to add, 0 to change, 1 to destroy.

Do you really want to destroy all resources?
  OpenTofu will destroy all your managed infrastructure, as shown above.
  There is no undo. Only 'yes' will be accepted to confirm.

  Enter a value: yes

infoblox_zone_auth.dns_zone: Destroying... [id=zone_auth/ZG5zLnpvbmUkLl9kZWZhdWx0LmNvbS5vcmFjbGV2Y24udXN2YTAwMTcuYWFhYTAwMC5hYWFhYWFhYWFhYQ:aaaaaaaaaaa.aaaa000.usva0017.oraclevcn.com/default]
╷
│ Error: WAPI request error: 400('400 Bad Request')
│ Contents:
│ { "Error": "AdmConDataError: None (IBDataConflictError: IB.Data.Conflict:You have no permission to delete this object recursively)",
│   "code": "Client.Ibap.Data.Conflict",
│   "text": "You have no permission to delete this object recursively"
│ }

bschonec Aug 04 '25 18:08